This PR was squashed before being merged into the 3.4 branch (closes#26041).
Discussion
----------
Display the Welcome Page when there is no homepage defined
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony-docs/issues/9178
| License | MIT
| Doc PR | -
In 3.4 we added a trick to display the Welcome Page when the user browses `/` and there are no routes defined. However, when using the `website-skeleton` (which is what most newcomers use ... and they are the ones that mostly need the "Welcome Page") the premise about *"no routes are defined"* is never true and the Welcome Page is never shown (see https://github.com/symfony/symfony-docs/issues/9178 for one of the multiple error reports we've received).
So, I propose to make this change to always define the "Welcome Page" as the fallback:
* If no routes are defined for `/`, the Welcome Page is displayed.
* If there is a route defined for `/`, this code will never be executed because it's the last condition of the routing matcher.
Commits
-------
5b0d9340d7 Display the Welcome Page when there is no homepage defined
This PR was merged into the 3.4 branch.
Discussion
----------
[Routing] Fix GC control of PHP-DSL
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Adding fluently in a collection is broken currently.
Commits
-------
239f2e2 [Routing] Fix GC control of PHP-DSL
* 2.8:
[Routing] Throw 405 instead of 404 when redirect is not possible
[Process] fix test case
Add security.tl.xlf to legacy directory
[Security][Validator] Add translations for Tagalog
fixed typo
Typo fix in security component lithuanian translation.
[Process] Check PHP_BINDIR before $PATH in PhpExecutableFinder
* 2.7:
[Routing] Throw 405 instead of 404 when redirect is not possible
[Process] fix test case
Add security.tl.xlf to legacy directory
[Security][Validator] Add translations for Tagalog
fixed typo
Typo fix in security component lithuanian translation.
[Process] Check PHP_BINDIR before $PATH in PhpExecutableFinder
This PR was squashed before being merged into the 2.7 branch (closes#25373).
Discussion
----------
Use the PCRE_DOLLAR_ENDONLY modifier in route regexes
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
`UrlMatcher::match($pathinfo)` applies `rawurldecode()` to the `$pathinfo` before trying to match it against the routes.
If the URL contains a percent-encoded trailing newline (like in `/foo%0a`), the default PHP PCRE will still consider `#^/foo$#` a match, as the `$` metacharacter will also match *immediately before* the final character *if it is a newline*. This behavior can be changed by applying the [`PCRE_DOLLAR_ENDONLY` modifier](http://php.net/manual/en/reference.pcre.pattern.modifiers.php).
Without this change, URLs with trailing `%0a` lead to weird notices further down the road, for example when the `RedirectableUrlMatcher` or its equivalent in `PhpMatcherDumper` kick in, look at the last character (this time actually the newline), append a `/` and try to redirect to the resulting URL. Ultimately, PHP will complain with `Warning: Header may not contain more than a single header, new line detected` when sending the `Location` header.
Commits
-------
f713a3e Use the PCRE_DOLLAR_ENDONLY modifier in route regexes
This PR was merged into the 3.4 branch.
Discussion
----------
[DI][Routing] Fix tracking of globbed resources
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25904
| License | MIT
| Doc PR | -
The current `GlobFileLoader` in `Config` misses resource tracking, so we can't use it and have to use a per-component one instead.
(deps=high failures will be fixed after merging up to master.)
Commits
-------
945c753 Add tests for glob loaders
ad98c1fa [DI][Routing] Fix tracking of globbed resources
* 2.8:
[Intl] Fixed the broken link
[Routing] Fix trailing slash redirection for non-safe verbs
[Debug] Fix bad registration of exception handler, leading to mem leak
[Form] Fixed empty data on expanded ChoiceType and FileType
* 2.7:
[Intl] Fixed the broken link
[Routing] Fix trailing slash redirection for non-safe verbs
[Debug] Fix bad registration of exception handler, leading to mem leak
[Form] Fixed empty data on expanded ChoiceType and FileType
* 3.3:
[appveyor] set memory_limit=-1
[Router] Skip anonymous classes when loading annotated routes
Fixed Request::__toString ignoring cookies
Make sure we only build once and have one time the prefix when importing routes
[Security] Fix fatal error on non string username
* 2.8:
[appveyor] set memory_limit=-1
[Router] Skip anonymous classes when loading annotated routes
Fixed Request::__toString ignoring cookies
[Security] Fix fatal error on non string username
* 2.7:
[appveyor] set memory_limit=-1
[Router] Skip anonymous classes when loading annotated routes
Fixed Request::__toString ignoring cookies
[Security] Fix fatal error on non string username
* 3.3:
[2.7] Fix issues found by PHPStan
Add php_unit_dedicate_assert to PHPCS
[WebProfilerBundle] Let fetch() cast URL to string
improve FormType::getType exception message details
[Intl] Update ICU data to 60.2
[Console] fix a bug when you are passing a default value and passing -n would ouput the index
* 2.8:
[2.7] Fix issues found by PHPStan
Add php_unit_dedicate_assert to PHPCS
improve FormType::getType exception message details
[Intl] Update ICU data to 60.2
[Console] fix a bug when you are passing a default value and passing -n would ouput the index